Comments on: About That Verification…

By: Facebook Taking Action on Application Ads | Social Hacking

Facebook Taking Action on Application Ads | Social Hacking — Wed, 29 Jul 2009 18:55:22 +0000

[...] the tape. On May 28th I posted the following tidbit about a Facebook Verified Application: I was surprised to see right in the HTML for the application [...]

By: Social Media Security » Debunking Facebook’s Statements on Ads

Social Media Security » Debunking Facebook’s Statements on Ads — Tue, 28 Jul 2009 01:26:27 +0000

[...] ads scripts which make Facebook API requests from the SocialReach web site. These are the same FQL queries SocialReach made prior to Facebook banning it a while back. Update: On further investigation, it appears the [...]

By: Debunking Facebook’s Statements on Ads | Social Hacking

Debunking Facebook’s Statements on Ads | Social Hacking — Sat, 25 Jul 2009 06:57:07 +0000

[...] ads which make Facebook API requests from the SocialReach web site. These are the same FQL queries SocialReach made prior to Facebook banning it a while [...]

By: theharmonyguy

theharmonyguy — Wed, 10 Jun 2009 06:00:59 +0000

Thanks to everyone for the comments – very much appreciated. Joseph and Tom, I’ll try to e-mail both of you soon. I meant to get in touch a while ago but lately been distracted by life. :)

By: Social Hacking » Blog Archive » Finally

Social Hacking » Blog Archive » Finally — Wed, 10 Jun 2009 05:58:11 +0000

[...] Social Hacking « About That Verification… [...]

By: Light Blue Touchpaper » Blog Archive » How Privacy Fails: The Facebook Applications Debacle

Tue, 09 Jun 2009 23:00:54 +0000

[...] all of this happen using a packet sniffer in real-time and it’s quite amazing. There’s a great writeup from a week ago by another security researcher investigating these matters with some example [...]

By: Aaron M

Aaron M — Sun, 31 May 2009 12:07:27 +0000

Hey friend, I’ve been following your blogs religiously for a few months, and I really appreciate what you do. I’m quite interested in privacy issues on social networks, especially considering our organization has recently moved to use the ning platform. Keep up the good work.

By: Tom

Tom — Fri, 29 May 2009 13:35:12 +0000

Fantastic research as usual! Like you said…users of social media have no idea in general that they allow by default every FB application to access all of their data. What makes it worse is that users put way too much information in their profiles to begin with…thinking that because their profile isn’t “public” they are safe. We need more research in this area..myself and a few other researchers are working on similar projects, some specifically focused on Facebook applications and Facebook Connect (don’t get me started about FB Connect). Would love to collaborate on this research with you and others.

By: Joseph Bonneau

Joseph Bonneau — Thu, 28 May 2009 23:10:30 +0000

This is great stuff. I do some FB app poking over at LBT I’ve been investigating some malicious apps recently too, found some other disturbing things I was in the process of writing up. Drop me a line, I’d love to swap notes.